nenette55

Members
  • Content count

    31
  • Joined

  • Last visited

About nenette55

  • Date of birth 29/02/1976

Profile Information

  • Gender
    Male
  • Location
    Commercy

Other information

  • My languages
    French

  1. [SOLVED] In fact, the latest Nvidia drivers are not stable. I went back to an earlier version and have had no more problems since!!!
  2. Here is the link to the ZHP Diag scan. © CJoint.com, 2012 Also, I read that the latest 320.49 drivers from Nvidia could cause freezes, so I am downloading the 314.07 ones, which worked very well.
  3. Good evening, everyone. I am going to describe my problem, which appeared about 2 weeks ago. About once every 24 hours, either I can no longer wake the monitor from sleep with the keyboard or the mouse, or the mouse pointer blinks 3 or 4 times and then disappears. After that, nothing responds any more. No keyboard, no mouse, and so a hard reboot of the PC. I will now list the various measures taken so far, without result! - Registry cleaning - Antivirus + malware scan - DHP diag scan - BIOS flash + update - Disassembly and cleaning of the PC. On the other hand, I installed a CPL (powerline) system for internet about 15 days ago. Could there be a link? Thank you for your answers, because I really do not feel like formatting. Regards.
  4. I am posting the Antivir report for you. I have not rebooted yet, but I think things are off to a good start!!!!!
  5. No, it did not find any modifications. Nevertheless, I managed to install Antivir, which so far has already detected 2 files responsible for opening the "famous window". For now it is scanning my whole PC; I will keep you posted on how the situation develops. Hoping it will be conclusive. So much patience.........
  6. I downloaded Gmer and ran the requested scan, but it finds nothing abnormal, so I have no reports to send.
  7. How can I send you a picture of this famous window??? Otherwise it looks like this one: http://www.commentcamarche.net/faq/sujet-9...us-beagle-bagle
  8. True, but this prevents me from installing any antivirus. Also, the classic window that opens at startup is apparently one of the symptoms of Bagle! So for now I am not protected. What should I do?
  9. I would have liked to mark my topic as SOLVED, but apparently the worm is still there!!!! Indeed, when I tried to reinstall my antivirus I got a nice blue screen, followed at logon by the famous "Select a file to crack" window. So I deduce that this famous Bagle is still there. What do you think? PS: I would nevertheless like to point out that my Windows Security alerts are working again (it detected the absence of an antivirus).
  10. Thank you for your invaluable help; I presume I will be able to reinstall my antivirus without any problem. Just one question: can I safely re-enable System Restore? Thanks.
  11. Here is the Hijackthis report: By the way, thank you for your patience.....
  12. Here is the Malwarebytes report; if I am to believe it, it found nothing.
  13. Here is the new report following the creation of CFScript.
2008-07-18 20:39 587,264 --a------ D:\WINDOWS\WLXPGSS.SCR 2008-07-17 21:45 . 2008-07-17 21:48 <REP> d-------- D:\Program Files\RegCleaner 2008-07-17 18:09 . 2008-07-17 18:09 <REP> d--hs---- D:\WINDOWS\ftpcache 2008-07-16 20:16 . 2008-07-16 20:16 <REP> d-------- D:\Documents and Settings\All Users\Application Data\Ubisoft 2008-07-16 20:15 . 2008-07-16 20:15 22,328 --a------ D:\Documents and Settings\Croisetu Jean-Marie\Application Data\PnkBstrK.sys 2008-07-15 22:28 . 2008-08-07 14:02 <REP> d-------- D:\Program Files\AMD 2008-07-15 22:28 . 2007-06-29 14:47 34,304 --a------ D:\WINDOWS\system32\drivers\AmdLLD.sys 2008-07-15 15:02 . 2008-07-15 15:03 <REP> d-------- D:\Program Files\7-Zip 2008-07-15 14:51 . 2008-07-15 17:05 <REP> d-------- D:\Documents and Settings\Croisetu Jean-Marie\Application Data\Bioshock 2008-07-15 14:48 . 2008-07-15 14:48 <REP> dr-h----- D:\Documents and Settings\Croisetu Jean-Marie\Application Data\SecuROM 2008-07-15 14:43 . 2008-07-15 14:43 <REP> d-------- D:\Documents and Settings\Croisetu Jean-Marie\Application Data\InstallShield 2008-07-15 14:03 . 2008-07-21 20:52 107,888 --a------ D:\WINDOWS\system32\CmdLineExt.dll 2008-07-14 17:58 . 2007-03-12 16:42 3,495,784 --a------ D:\WINDOWS\system32\d3dx9_33.dll 2008-07-14 17:58 . 2007-03-12 16:42 1,123,696 --a------ D:\WINDOWS\system32\D3DCompiler_33.dll 2008-07-14 17:58 . 2007-03-15 16:57 443,752 --a------ D:\WINDOWS\system32\d3dx10_33.dll 2008-07-13 00:29 . 2008-07-13 00:29 <REP> d-------- D:\Program Files\SiSoftware . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 
2008-08-13 16:30 --------- d-----w D:\Program Files\Wanadoo 2008-08-12 23:29 --------- d-----w D:\Documents and Settings\All Users\Application Data\Microsoft Help 2008-08-12 22:56 --------- d-----w D:\Program Files\eMule 2008-08-12 22:49 --------- d-----w D:\Documents and Settings\Croisetu Jean-Marie\Application Data\Azureus 2008-08-12 07:31 --------- d--h--w D:\Program Files\InstallShield Installation Information 2008-08-11 19:14 --------- d-----w D:\Program Files\Azureus 2008-08-07 12:01 --------- d-----w D:\Program Files\Fichiers communs\Wise Installation Wizard 2008-07-19 20:29 --------- d-----w D:\Program Files\NVIDIA Corporation 2008-07-18 14:50 --------- d-----w D:\Program Files\Windows Live 2008-07-16 18:15 66,872 ----a-w D:\WINDOWS\system32\PnkBstrA.exe 2008-07-16 18:15 22,328 ----a-w D:\WINDOWS\system32\drivers\PnkBstrK.sys 2008-07-16 18:15 2,337,865 ----a-w D:\WINDOWS\system32\pbsvc.exe 2008-07-16 18:15 107,832 ----a-w D:\WINDOWS\system32\PnkBstrB.exe 2008-07-14 21:32 --------- d-----w D:\Program Files\Fichiers communs\InstallShield 2008-07-12 21:55 --------- d-----w D:\Program Files\HD Tune 2008-07-12 21:35 --------- d-----w D:\Program Files\Executive Software 2008-07-12 21:35 --------- d-----w D:\Documents and Settings\Croisetu Jean-Marie\Application Data\Leadertech 2008-07-12 08:56 --------- d-----w D:\Documents and Settings\All Users\Application Data\NexonUS 2008-07-11 13:10 --------- d-----w D:\Documents and Settings\Croisetu Jean-Marie\Application Data\vlc 2008-07-11 09:57 --------- d-----w D:\Program Files\Microsoft Hardware 2008-07-11 09:36 --------- d-----w D:\Program Files\MSBuild 2008-07-11 09:36 --------- d-----w D:\Program Files\Microsoft Works 2008-07-11 09:35 --------- d-----w D:\Program Files\Microsoft.NET 2008-07-11 09:33 --------- d-----w D:\Program Files\Microsoft Visual Studio 8 2008-07-11 09:21 --------- d-----w D:\Documents and Settings\All Users\Application Data\Lavasoft 2008-07-11 09:20 --------- d-----w D:\Program Files\Lavasoft 
2008-07-10 23:32 --------- d-----w D:\Program Files\Analog Devices 2008-07-10 23:05 --------- d-----w D:\Program Files\NOS 2008-07-10 23:05 --------- d-----w D:\Documents and Settings\All Users\Application Data\NOS 2008-07-10 23:03 --------- d-----w D:\Program Files\Fichiers communs\Adobe 2008-07-10 22:05 --------- d-----w D:\Program Files\Microsoft SQL Server Compact Edition 2008-07-10 22:03 --------- dcsh--w D:\Program Files\Fichiers communs\WindowsLiveInstaller 2008-07-10 22:02 --------- d-----w D:\Documents and Settings\All Users\Application Data\WLInstaller 2008-07-10 21:45 64,859 ----a-w D:\WINDOWS\BricoPackUninst.cmd 2008-07-10 21:45 6,120 ----a-w D:\WINDOWS\BricoPackFoldersDelete.cmd 2008-07-10 21:45 219,648 ----a-w D:\WINDOWS\system32\uxtheme.dll 2008-07-10 21:43 --------- d-----w D:\Program Files\Java 2008-07-10 21:42 --------- d-----w D:\Program Files\Fichiers communs\Java 2008-07-10 21:37 --------- d-----w D:\Program Files\VideoLAN 2008-07-10 21:29 --------- d-----w D:\Program Files\Fichiers communs\Ahead 2008-07-10 21:29 --------- d-----w D:\Program Files\Ahead 2008-07-10 21:27 --------- d-----w D:\Program Files\SlySoft 2008-07-10 21:27 --------- d-----w D:\Program Files\Elaborate Bytes 2008-07-10 21:15 --------- d-----w D:\Program Files\DAEMON Tools 2008-07-10 21:12 639,224 ----a-w D:\WINDOWS\system32\drivers\sptd.sys 2008-07-10 21:12 --------- d-----w D:\Program Files\Alcohol Soft 2008-07-10 21:11 --------- d-----w D:\Program Files\Alcohol.120.v1.9.5.3105.NEW200 2008-07-10 19:32 --------- d-----w D:\Program Files\Windows Media Connect 2 2008-07-10 19:13 --------- d-----w D:\Program Files\Microsoft CAPICOM 2.1.0.2 2008-07-10 19:02 --------- d-----w D:\Program Files\PowerQuest 2008-07-10 18:08 --------- d-----w D:\WINDOWS\system32\config\systemprofile\Application Data\Symantec 2008-07-10 17:52 --------- d-----w D:\Program Files\Wanadoo Messager 2008-07-10 17:45 278,528 ----a-w D:\Program Files\Fichiers communs\FDEUnInstaller.exe 2008-07-10 17:44 81,920 
----a-w D:\WINDOWS\system32\W32N50.dll 2008-07-10 17:44 17,134 ----a-w D:\WINDOWS\system32\PCANDIS5.sys 2008-07-10 17:40 --------- d-----w D:\Program Files\Inventel 2008-07-10 17:37 --------- d-----w D:\Documents and Settings\All Users\Application Data\nView_Profiles 2008-07-10 17:15 --------- d-----w D:\Documents and Settings\Croisetu Jean-Marie\Application Data\Symantec 2008-07-10 17:05 --------- d-----w D:\Program Files\microsoft frontpage 2008-07-10 17:02 --------- d-----w D:\Program Files\Services en ligne 2008-07-07 20:28 253,952 ----a-w D:\WINDOWS\system32\es.dll 2008-06-24 16:44 74,240 ----a-w D:\WINDOWS\system32\mscms.dll 2008-06-23 16:28 826,368 ----a-w D:\WINDOWS\system32\wininet.dll 2008-06-20 17:47 247,808 ----a-w D:\WINDOWS\system32\mswsock.dll 2008-06-20 11:51 361,600 ----a-w D:\WINDOWS\system32\drivers\tcpip.sys 2008-06-20 11:40 138,496 ----a-w D:\WINDOWS\system32\drivers\afd.sys 2008-06-20 11:08 225,856 ----a-w D:\WINDOWS\system32\drivers\tcpip6.sys 2008-06-14 17:33 272,768 ------w D:\WINDOWS\system32\drivers\bthport.sys 2008-05-16 09:58 12,632 ----a-w D:\WINDOWS\system32\lsdelete.exe 2008-05-16 09:48 446,464 ----a-w D:\WINDOWS\system32\NVUNINST.EXE . ------- Sigcheck ------- 2008-04-14 04:34 979968 3efe912dd25d2586e6a0341db0a66f69 D:\WINDOWS\explorer.exe 2004-08-20 01:09 1036288 2a7bd330924252a2fd80344fc949bb72 D:\WINDOWS\$NtServicePackUninstall$\explorer.exe 2008-04-14 04:34 979968 3efe912dd25d2586e6a0341db0a66f69 D:\WINDOWS\ServicePackFiles\i386\explorer.exe 2004-08-20 01:09 1036288 2a7bd330924252a2fd80344fc949bb72 D:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\explorer.exe 2008-04-14 04:34 1037824 f2317622d29f9ff0f88aeecd5f60f0dd D:\WINDOWS\SoftwareDistribution\Download\bba2f670a60f4e414c2e1208f91a7749\explorer.exe . ((((((((((((((((((((((((((((( snapshot_2008-08-13_17.48.59.60 ))))))))))))))))))))))))))))))))))))))))) . 
+ 2008-08-13 16:21:50 884,736 ----a-w D:\WINDOWS\gmer.dll + 2008-08-13 16:21:50 85,969 ----a-w D:\WINDOWS\system32\drivers\gmer.sys + 2008-08-13 16:11:31 16,384 ----atw D:\WINDOWS\temp\Perflib_Perfdata_58c.dat + 2008-08-13 16:50:34 16,384 ----atw D:\WINDOWS\temp\Perflib_Perfdata_65c.dat . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "WOOKIT"="D:\PROGRA~1\Wanadoo\Shell.exe" [2004-08-23 14:50 122880] "ctfmon.exe"="D:\WINDOWS\system32\ctfmon.exe" [2008-04-14 04:33 15360] "NVIDIA nTune"="D:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" [2007-09-04 19:25 81920] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="D:\WINDOWS\system32\NvCpl.dll" [2008-05-16 14:01 13529088] "WOOTASKBARICON"="D:\PROGRA~1\Wanadoo\GestMaj.exe" [2004-10-14 16:55 32768] "DAEMON Tools"="D:\Program Files\DAEMON Tools\daemon.exe" [2006-11-12 12:48 157592] "CloneCDTray"="D:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" [2004-09-02 23:57 57344] "VirtualCloneDrive"="D:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2004-08-20 12:28 45056] "CloneDVDElbyDelay"="D:\Program Files\Elaborate Bytes\CloneDVD\ElbyCheck.exe" [2002-11-02 08:33 45056] "ElbyCheckAnyDVD"="D:\Program Files\SlySoft\AnyDVD\ElbyCheck.exe" [2003-09-20 21:23 45056] "NeroFilterCheck"="D:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50 155648] "SunJavaUpdateSched"="D:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 04:27 144784] "NvMediaCenter"="D:\WINDOWS\system32\NvMcTray.dll" [2008-05-16 14:01 86016] "Adobe Reader Speed Launcher"="D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 02:38 34672] "SoundMAXPnP"="D:\Program Files\Analog Devices\Core\smax4pnp.exe" [2006-05-01 04:07 843776] 
"SideWinderTrayV4"="D:\PROGRA~1\MI948F~1\GAMECO~1\Common\SWTrayV4.exe" [2000-06-28 14:34 24649] "DiskeeperSystray"="D:\Program Files\Executive Software\Diskeeper\DkIcon.exe" [2004-10-04 19:53 176216] "amd_dc_opt"="D:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2007-07-23 11:06 77824] "TkBellExe"="D:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-07-31 22:49 185896] "ccApp"="D:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" [2008-08-13 17:32 51048] "avast!"="D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-08-13 17:34 78008] "nwiz"="nwiz.exe" [2008-05-16 14:01 1630208 D:\WINDOWS\system32\nwiz.exe] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="D:\WINDOWS\System32\CTFMON.EXE" [2008-04-14 04:33 15360] D:\Documents and Settings\Croisetu Jean-Marie\Menu D‚marrer\Programmes\D‚marrage\ RocketDock.lnk - D:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [2007-03-19 00:05:02 630784] TransBar.lnk - D:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe [2005-06-01 21:41:18 65536] UberIcon.lnk - D:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe [2006-05-21 09:43:08 180224] Y'z Shadow.lnk - D:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe [2006-05-21 09:43:14 155648] D:\Documents and Settings\Croisetu Jean-Marie\Menu D‚marrer\Programmes\D‚marrage\ RocketDock.lnk - D:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [2007-03-19 00:05:02 630784] TransBar.lnk - D:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe [2005-06-01 21:41:18 65536] UberIcon.lnk - D:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe [2006-05-21 09:43:08 180224] Y'z Shadow.lnk - D:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe [2006-05-21 09:43:14 155648] D:\Documents and Settings\Croisetu Jean-Marie\Menu D‚marrer\Programmes\D‚marrage\ RocketDock.lnk - D:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [2007-03-19 
00:05:02 630784] TransBar.lnk - D:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe [2005-06-01 21:41:18 65536] UberIcon.lnk - D:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe [2006-05-21 09:43:08 180224] Y'z Shadow.lnk - D:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe [2006-05-21 09:43:14 155648] [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "D:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "D:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "D:\\Program Files\\Azureus\\Azureus.exe"= "D:\\Program Files\\eMule\\emule.exe"= "D:\\Program Files\\Java\\jre1.6.0_07\\bin\\javaw.exe"= "D:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "D:\\Documents and Settings\\All Users\\Application Data\\NexonUS\\NGM\\NGM.exe"= "F:\Jeux\Combat Arms\CombatArms.exe"= F:\Jeux\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe "F:\Jeux\Combat Arms\Engine.exe"= F:\Jeux\Combat Arms\Engine.exe:*Enabled:Engine.exe "D:\\WINDOWS\\system32\\mmc.exe"= "D:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite XII.SP2c\\RpcAgentSrv.exe"= "F:\\Jeux\\FS2004\\fs9.exe"= "D:\\WINDOWS\\system32\\dpnsvr.exe"= "D:\\WINDOWS\\system32\\PnkBstrA.exe"= "D:\\WINDOWS\\system32\\PnkBstrB.exe"= "F:\\Jeux\\R6Vegas2\\Binaries\\R6Vegas2_Game.exe"= "F:\\Jeux\\R6Vegas2\\Binaries\\R6Vegas2_Launcher.exe"= "F:\\Jeux\\Coh\\RelicCOH.exe"= "F:\\Jeux\\Mass Effect\\Binaries\\MassEffect.exe"= "F:\\Jeux\\Mass Effect\\MassEffectLauncher.exe"= "F:\\Jeux\\Graw 2\\Ghost Recon Advanced Warfighter 2\\graw2.exe"= "F:\\Jeux\\Graw 2\\Ghost Recon Advanced Warfighter 2\\graw2_dedicated.exe"= "D:\\Program Files\\ASUS\\AsusUpdate\\Update.exe"= "D:\\Program Files\\GameSpy Arcade\\Aphex.exe"= "D:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite XII.SP2c\\WNt500x86\\RpcSandraSrv.exe"= "F:\\Jeux\\Beijing 2008\\Beijing.exe"= 
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings] "AllowInboundEchoRequest"= 1 (0x1) R0 pavboot;pavboot;D:\WINDOWS\system32\drivers\pavboot.sys [2008-06-19 17:24] R1 aswSP;avast! Self Protection;D:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 16:35] R2 aswFsBlk;aswFsBlk;D:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 16:37] R2 SandraAgentSrv;SiSoftware Deployment Agent Service;D:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\RpcAgentSrv.exe [2008-04-22 18:23] R3 AmdTools;AMD Special Tools Driver;D:\WINDOWS\system32\DRIVERS\AmdTools.sys [2007-08-14 16:49] R3 SIS163u;SiS163 usb Wireless LAN Adapter Driver;D:\WINDOWS\system32\DRIVERS\sis163u.sys [2005-06-20 11:12] R3 SWUSBFLT;Pilote de filtre Microsoft SideWinder VIA;D:\WINDOWS\system32\DRIVERS\SWUSBFLT.sys [2001-08-17 23:02] *Newly Created Service* - CATCHME . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-08-13 19:16:00 Windows 5.1.2600 Service Pack 3 NTFS Balayage processus cachés ... Balayage caché autostart entries ... Balayage des fichiers cachés ... Scan terminé avec succès Les fichiers cachés: 0 ************************************************************************** . Temps d'accomplissement: 2008-08-13 19:16:26 ComboFix-quarantined-files.txt 2008-08-13 17:16:23 ComboFix2.txt 2008-08-13 16:53:13 ComboFix3.txt 2008-08-13 16:09:38 ComboFix4.txt 2008-08-13 15:49:12 ComboFix5.txt 2008-08-13 17:14:55 Pre-Run: 35,466,461,184 octets libres Post-Run: 35,461,206,016 octets libres 299 --- E O F --- 2008-08-12 23:29:32 Maintenant je passe à l'étape suivante....
  14. There, I have just run the scan with ComboFix. Here is the report:
2008-07-31 22:49 <REP> d-------- D:\Program Files\Fichiers communs\Real 2008-07-31 18:33 . 2008-08-04 14:18 <REP> d-------- D:\Program Files\ASUS 2008-07-31 18:33 . 2004-02-27 00:00 962,612 --a------ D:\WINDOWS\system32\mfc42d.dll 2008-07-31 18:33 . 2004-02-17 00:00 434,252 --a------ D:\WINDOWS\system32\MSVCRTD.DLL 2008-07-31 18:33 . 2006-01-10 16:50 24,576 --a------ D:\WINDOWS\system32\AsIO.dll 2008-07-31 18:33 . 2007-12-17 17:14 12,400 --a------ D:\WINDOWS\system32\drivers\AsIO.sys 2008-07-31 18:33 . 2008-01-04 13:34 11,832 --a------ D:\WINDOWS\system32\drivers\AsInsHelp64.sys 2008-07-31 18:33 . 2008-01-04 13:34 10,216 --a------ D:\WINDOWS\system32\drivers\AsInsHelp32.sys 2008-07-31 13:32 . 2008-07-31 13:32 <REP> d-------- D:\WINDOWS\system32\AGEIA 2008-07-31 13:32 . 2008-07-31 13:32 <REP> d-------- D:\Program Files\AGEIA Technologies 2008-07-30 11:56 . 2008-07-30 13:53 <REP> d-------- D:\WINDOWS\system32\Adobe 2008-07-29 18:46 . 2008-07-30 15:51 <REP> d-------- D:\Documents and Settings\All Users\Application Data\Codemasters 2008-07-29 18:37 . 2008-07-29 18:37 <REP> d-------- D:\Program Files\OpenAL 2008-07-29 18:37 . 2008-03-05 15:56 3,786,760 --a------ D:\WINDOWS\system32\D3DX9_37.dll 2008-07-29 18:37 . 2008-03-05 15:56 1,420,824 --a------ D:\WINDOWS\system32\D3DCompiler_37.dll 2008-07-29 18:37 . 2008-04-28 15:53 805,400 -ra------ D:\WINDOWS\system32\tmpB1.tmp 2008-07-29 18:37 . 2008-04-28 15:53 805,400 -ra------ D:\WINDOWS\system32\tmpB0.tmp 2008-07-29 18:37 . 2008-03-05 16:03 479,752 --a------ D:\WINDOWS\system32\XAudio2_0.dll 2008-07-29 18:37 . 2008-02-05 23:07 462,864 --a------ D:\WINDOWS\system32\d3dx10_37.dll 2008-07-29 18:37 . 2008-07-29 18:37 444,952 --a------ D:\WINDOWS\system32\wrap_oal.dll 2008-07-29 18:37 . 2008-03-05 16:03 238,088 --a------ D:\WINDOWS\system32\xactengine3_0.dll 2008-07-29 18:37 . 2008-07-29 18:37 109,080 --a------ D:\WINDOWS\system32\OpenAL32.dll 2008-07-29 18:37 . 
2008-03-05 16:00 25,608 --a------ D:\WINDOWS\system32\X3DAudio1_3.dll 2008-07-29 10:12 . 2008-07-10 19:56 <REP> d--h----- D:\Documents and Settings\Administrateur\Voisinage réseau 2008-07-29 10:12 . 2008-07-10 19:56 <REP> d--h----- D:\Documents and Settings\Administrateur\Voisinage d'impression 2008-07-29 10:12 . 2008-07-10 19:02 <REP> d--h----- D:\Documents and Settings\Administrateur\Modèles 2008-07-29 10:12 . 2008-07-10 19:56 <REP> d-------- D:\Documents and Settings\Administrateur\Mes documents 2008-07-29 10:12 . 2008-07-10 19:56 <REP> dr------- D:\Documents and Settings\Administrateur\Menu Démarrer 2008-07-29 10:12 . 2008-07-10 19:56 <REP> d-------- D:\Documents and Settings\Administrateur\Favoris 2008-07-29 10:12 . 2008-07-10 19:56 <REP> d-------- D:\Documents and Settings\Administrateur\Bureau 2008-07-29 10:12 . 2008-07-29 10:12 <REP> d-------- D:\Documents and Settings\Administrateur 2008-07-27 11:34 . 1998-06-18 00:00 89,360 --a------ D:\WINDOWS\system32\VB5DB.DLL 2008-07-22 10:52 . 2008-07-22 10:52 <REP> d-------- D:\Program Files\Xvid 2008-07-22 10:52 . 2006-11-01 14:52 765,952 --a------ D:\WINDOWS\system32\xvidcore.dll 2008-07-22 10:52 . 2006-11-01 14:54 180,224 --a------ D:\WINDOWS\system32\xvidvfw.dll 2008-07-22 10:52 . 2006-11-01 15:26 77,824 --a------ D:\WINDOWS\system32\xvid.ax 2008-07-21 20:14 . 2008-07-21 20:14 <REP> d-------- D:\Program Files\Fichiers communs\BioWare 2008-07-21 12:59 . 2008-07-21 12:59 <REP> d-------- D:\WINDOWS\Boeing 757 Professional 2006 2008-07-21 10:22 . 2008-07-21 11:47 2,048 --a------ D:\WINDOWS\lvld67.lic 2008-07-21 10:12 . 2008-07-21 10:12 61 ---hs---- D:\WINDOWS\cnerolf.dat 2008-07-21 09:07 . 2008-07-21 09:07 <REP> d-------- D:\WINDOWS\Applian FLV Player 2008-07-21 09:07 . 2008-07-21 09:07 <REP> d-------- D:\Program Files\FLV Player 2008-07-21 08:56 . 2008-07-21 08:56 <REP> d-------- D:\Program Files\MSXML 4.0 2008-07-21 00:27 . 2001-08-28 14:00 224,048 -rahs---- D:\ntldr 2008-07-21 00:27 . 
2001-08-28 14:00 4,952 -rahs---- D:\Bootfont.bin 2008-07-20 14:29 . 2008-07-20 14:29 <REP> d-------- D:\Program Files\Aerosoft 2008-07-20 13:47 . 2008-07-20 14:25 <REP> d-------- D:\Program Files\FSBuild 2008-07-20 13:43 . 2008-07-21 11:46 737,280 --a------ D:\WINDOWS\iun6002.exe 2008-07-19 22:28 . 2008-07-19 22:28 <REP> d-------- D:\Program Files\NVIDIA nTune Performance Application 2008-07-18 20:39 . 2008-07-18 20:39 587,264 --a------ D:\WINDOWS\WLXPGSS.SCR 2008-07-17 21:45 . 2008-07-17 21:48 <REP> d-------- D:\Program Files\RegCleaner 2008-07-17 18:09 . 2008-07-17 18:09 <REP> d--hs---- D:\WINDOWS\ftpcache 2008-07-16 20:16 . 2008-07-16 20:16 <REP> d-------- D:\Documents and Settings\All Users\Application Data\Ubisoft 2008-07-16 20:15 . 2008-07-16 20:15 22,328 --a------ D:\Documents and Settings\Croisetu Jean-Marie\Application Data\PnkBstrK.sys 2008-07-15 22:28 . 2008-08-07 14:02 <REP> d-------- D:\Program Files\AMD 2008-07-15 22:28 . 2007-06-29 14:47 34,304 --a------ D:\WINDOWS\system32\drivers\AmdLLD.sys 2008-07-15 15:02 . 2008-07-15 15:03 <REP> d-------- D:\Program Files\7-Zip 2008-07-15 14:51 . 2008-07-15 17:05 <REP> d-------- D:\Documents and Settings\Croisetu Jean-Marie\Application Data\Bioshock 2008-07-15 14:48 . 2008-07-15 14:48 <REP> dr-h----- D:\Documents and Settings\Croisetu Jean-Marie\Application Data\SecuROM 2008-07-15 14:43 . 2008-07-15 14:43 <REP> d-------- D:\Documents and Settings\Croisetu Jean-Marie\Application Data\InstallShield 2008-07-15 14:03 . 2008-07-21 20:52 107,888 --a------ D:\WINDOWS\system32\CmdLineExt.dll 2008-07-14 17:58 . 2007-03-12 16:42 3,495,784 --a------ D:\WINDOWS\system32\d3dx9_33.dll 2008-07-14 17:58 . 2007-03-12 16:42 1,123,696 --a------ D:\WINDOWS\system32\D3DCompiler_33.dll 2008-07-14 17:58 . 2007-03-15 16:57 443,752 --a------ D:\WINDOWS\system32\d3dx10_33.dll 2008-07-13 00:29 . 2008-07-13 00:29 <REP> d-------- D:\Program Files\SiSoftware . 
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-08-13 16:30 --------- d-----w D:\Program Files\Wanadoo 2008-08-12 23:29 --------- d-----w D:\Documents and Settings\All Users\Application Data\Microsoft Help 2008-08-12 22:56 --------- d-----w D:\Program Files\eMule 2008-08-12 22:49 --------- d-----w D:\Documents and Settings\Croisetu Jean-Marie\Application Data\Azureus 2008-08-12 07:31 --------- d--h--w D:\Program Files\InstallShield Installation Information 2008-08-11 19:14 --------- d-----w D:\Program Files\Azureus 2008-08-07 12:01 --------- d-----w D:\Program Files\Fichiers communs\Wise Installation Wizard 2008-07-19 20:29 --------- d-----w D:\Program Files\NVIDIA Corporation 2008-07-18 14:50 --------- d-----w D:\Program Files\Windows Live 2008-07-16 18:15 66,872 ----a-w D:\WINDOWS\system32\PnkBstrA.exe 2008-07-16 18:15 22,328 ----a-w D:\WINDOWS\system32\drivers\PnkBstrK.sys 2008-07-16 18:15 2,337,865 ----a-w D:\WINDOWS\system32\pbsvc.exe 2008-07-16 18:15 107,832 ----a-w D:\WINDOWS\system32\PnkBstrB.exe 2008-07-14 21:32 --------- d-----w D:\Program Files\Fichiers communs\InstallShield 2008-07-12 21:55 --------- d-----w D:\Program Files\HD Tune 2008-07-12 21:35 --------- d-----w D:\Program Files\Executive Software 2008-07-12 21:35 --------- d-----w D:\Documents and Settings\Croisetu Jean-Marie\Application Data\Leadertech 2008-07-12 08:56 --------- d-----w D:\Documents and Settings\All Users\Application Data\NexonUS 2008-07-11 13:10 --------- d-----w D:\Documents and Settings\Croisetu Jean-Marie\Application Data\vlc 2008-07-11 09:57 --------- d-----w D:\Program Files\Microsoft Hardware 2008-07-11 09:36 --------- d-----w D:\Program Files\MSBuild 2008-07-11 09:36 --------- d-----w D:\Program Files\Microsoft Works 2008-07-11 09:35 --------- d-----w D:\Program Files\Microsoft.NET 2008-07-11 09:33 --------- d-----w D:\Program Files\Microsoft Visual Studio 8 2008-07-11 09:21 --------- d-----w D:\Documents 
and Settings\All Users\Application Data\Lavasoft 2008-07-11 09:20 --------- d-----w D:\Program Files\Lavasoft 2008-07-10 23:32 --------- d-----w D:\Program Files\Analog Devices 2008-07-10 23:05 --------- d-----w D:\Program Files\NOS 2008-07-10 23:05 --------- d-----w D:\Documents and Settings\All Users\Application Data\NOS 2008-07-10 23:03 --------- d-----w D:\Program Files\Fichiers communs\Adobe 2008-07-10 22:05 --------- d-----w D:\Program Files\Microsoft SQL Server Compact Edition 2008-07-10 22:03 --------- dcsh--w D:\Program Files\Fichiers communs\WindowsLiveInstaller 2008-07-10 22:02 --------- d-----w D:\Documents and Settings\All Users\Application Data\WLInstaller 2008-07-10 21:45 64,859 ----a-w D:\WINDOWS\BricoPackUninst.cmd 2008-07-10 21:45 6,120 ----a-w D:\WINDOWS\BricoPackFoldersDelete.cmd 2008-07-10 21:45 219,648 ----a-w D:\WINDOWS\system32\uxtheme.dll 2008-07-10 21:43 --------- d-----w D:\Program Files\Java 2008-07-10 21:42 --------- d-----w D:\Program Files\Fichiers communs\Java 2008-07-10 21:37 --------- d-----w D:\Program Files\VideoLAN 2008-07-10 21:29 --------- d-----w D:\Program Files\Fichiers communs\Ahead 2008-07-10 21:29 --------- d-----w D:\Program Files\Ahead 2008-07-10 21:27 --------- d-----w D:\Program Files\SlySoft 2008-07-10 21:27 --------- d-----w D:\Program Files\Elaborate Bytes 2008-07-10 21:15 --------- d-----w D:\Program Files\DAEMON Tools 2008-07-10 21:12 639,224 ----a-w D:\WINDOWS\system32\drivers\sptd.sys 2008-07-10 21:12 --------- d-----w D:\Program Files\Alcohol Soft 2008-07-10 21:11 --------- d-----w D:\Program Files\Alcohol.120.v1.9.5.3105.NEW200 2008-07-10 19:32 --------- d-----w D:\Program Files\Windows Media Connect 2 2008-07-10 19:13 --------- d-----w D:\Program Files\Microsoft CAPICOM 2.1.0.2 2008-07-10 19:02 --------- d-----w D:\Program Files\PowerQuest 2008-07-10 18:08 --------- d-----w D:\WINDOWS\system32\config\systemprofile\Application Data\Symantec 2008-07-10 17:52 --------- d-----w D:\Program Files\Wanadoo Messager 
2008-07-10 17:45 278,528 ----a-w D:\Program Files\Fichiers communs\FDEUnInstaller.exe 2008-07-10 17:44 81,920 ----a-w D:\WINDOWS\system32\W32N50.dll 2008-07-10 17:44 17,134 ----a-w D:\WINDOWS\system32\PCANDIS5.sys 2008-07-10 17:40 --------- d-----w D:\Program Files\Inventel 2008-07-10 17:37 --------- d-----w D:\Documents and Settings\All Users\Application Data\nView_Profiles 2008-07-10 17:15 --------- d-----w D:\Documents and Settings\Croisetu Jean-Marie\Application Data\Symantec 2008-07-10 17:05 --------- d-----w D:\Program Files\microsoft frontpage 2008-07-10 17:02 --------- d-----w D:\Program Files\Services en ligne 2008-07-07 20:28 253,952 ----a-w D:\WINDOWS\system32\es.dll 2008-06-24 16:44 74,240 ----a-w D:\WINDOWS\system32\mscms.dll 2008-06-23 16:28 826,368 ----a-w D:\WINDOWS\system32\wininet.dll 2008-06-20 17:47 247,808 ----a-w D:\WINDOWS\system32\mswsock.dll 2008-06-20 11:51 361,600 ----a-w D:\WINDOWS\system32\drivers\tcpip.sys 2008-06-20 11:40 138,496 ----a-w D:\WINDOWS\system32\drivers\afd.sys 2008-06-20 11:08 225,856 ----a-w D:\WINDOWS\system32\drivers\tcpip6.sys 2008-06-14 17:33 272,768 ------w D:\WINDOWS\system32\drivers\bthport.sys 2008-05-16 09:58 12,632 ----a-w D:\WINDOWS\system32\lsdelete.exe 2008-05-16 09:48 446,464 ----a-w D:\WINDOWS\system32\NVUNINST.EXE . ------- Sigcheck ------- 2008-04-14 04:34 979968 3efe912dd25d2586e6a0341db0a66f69 D:\WINDOWS\explorer.exe 2004-08-20 01:09 1036288 2a7bd330924252a2fd80344fc949bb72 D:\WINDOWS\$NtServicePackUninstall$\explorer.exe 2008-04-14 04:34 979968 3efe912dd25d2586e6a0341db0a66f69 D:\WINDOWS\ServicePackFiles\i386\explorer.exe 2004-08-20 01:09 1036288 2a7bd330924252a2fd80344fc949bb72 D:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\explorer.exe 2008-04-14 04:34 1037824 f2317622d29f9ff0f88aeecd5f60f0dd D:\WINDOWS\SoftwareDistribution\Download\bba2f670a60f4e414c2e1208f91a7749\explorer.exe . 
((((((((((((((((((((((((((((( snapshot_2008-08-13_17.48.59.60 ))))))))))))))))))))))))))))))))))))))))) . + 2008-08-13 16:21:50 884,736 ----a-w D:\WINDOWS\gmer.dll + 2008-08-13 16:21:50 85,969 ----a-w D:\WINDOWS\system32\drivers\gmer.sys + 2008-08-13 16:11:31 16,384 ----atw D:\WINDOWS\temp\Perflib_Perfdata_58c.dat + 2008-08-13 16:50:34 16,384 ----atw D:\WINDOWS\temp\Perflib_Perfdata_65c.dat . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Note* les ÚlÚments vides & les ÚlÚments initiaux lÚgitimes ne sont pas listÚs [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "WOOKIT"="D:\PROGRA~1\Wanadoo\Shell.exe" [2004-08-23 14:50 122880] "ctfmon.exe"="D:\WINDOWS\system32\ctfmon.exe" [2008-04-14 04:33 15360] "NVIDIA nTune"="D:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" [2007-09-04 19:25 81920] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="D:\WINDOWS\system32\NvCpl.dll" [2008-05-16 14:01 13529088] "WOOTASKBARICON"="D:\PROGRA~1\Wanadoo\GestMaj.exe" [2004-10-14 16:55 32768] "DAEMON Tools"="D:\Program Files\DAEMON Tools\daemon.exe" [2006-11-12 12:48 157592] "CloneCDTray"="D:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" [2004-09-02 23:57 57344] "VirtualCloneDrive"="D:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2004-08-20 12:28 45056] "CloneDVDElbyDelay"="D:\Program Files\Elaborate Bytes\CloneDVD\ElbyCheck.exe" [2002-11-02 08:33 45056] "ElbyCheckAnyDVD"="D:\Program Files\SlySoft\AnyDVD\ElbyCheck.exe" [2003-09-20 21:23 45056] "NeroFilterCheck"="D:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50 155648] "SunJavaUpdateSched"="D:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 04:27 144784] "NvMediaCenter"="D:\WINDOWS\system32\NvMcTray.dll" [2008-05-16 14:01 86016] "Adobe Reader Speed Launcher"="D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 02:38 34672] "SoundMAXPnP"="D:\Program Files\Analog 
Devices\Core\smax4pnp.exe" [2006-05-01 04:07 843776] "SideWinderTrayV4"="D:\PROGRA~1\MI948F~1\GAMECO~1\Common\SWTrayV4.exe" [2000-06-28 14:34 24649] "DiskeeperSystray"="D:\Program Files\Executive Software\Diskeeper\DkIcon.exe" [2004-10-04 19:53 176216] "amd_dc_opt"="D:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2007-07-23 11:06 77824] "TkBellExe"="D:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-07-31 22:49 185896] "ccApp"="D:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" [2008-08-13 17:32 51048] "avast!"="D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-08-13 17:34 78008] "nwiz"="nwiz.exe" [2008-05-16 14:01 1630208 D:\WINDOWS\system32\nwiz.exe] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="D:\WINDOWS\System32\CTFMON.EXE" [2008-04-14 04:33 15360] D:\Documents and Settings\Croisetu Jean-Marie\Menu D‚marrer\Programmes\D‚marrage\ RocketDock.lnk - D:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [2007-03-19 00:05:02 630784] TransBar.lnk - D:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe [2005-06-01 21:41:18 65536] UberIcon.lnk - D:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe [2006-05-21 09:43:08 180224] Y'z Shadow.lnk - D:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe [2006-05-21 09:43:14 155648] D:\Documents and Settings\Croisetu Jean-Marie\Menu D‚marrer\Programmes\D‚marrage\ RocketDock.lnk - D:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [2007-03-19 00:05:02 630784] TransBar.lnk - D:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe [2005-06-01 21:41:18 65536] UberIcon.lnk - D:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe [2006-05-21 09:43:08 180224] Y'z Shadow.lnk - D:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe [2006-05-21 09:43:14 155648] D:\Documents and Settings\Croisetu Jean-Marie\Menu D‚marrer\Programmes\D‚marrage\ RocketDock.lnk - D:\WINDOWS\BricoPacks\Vista 
Inspirat 2\RocketDock\RocketDock.exe [2007-03-19 00:05:02 630784] TransBar.lnk - D:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe [2005-06-01 21:41:18 65536] UberIcon.lnk - D:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe [2006-05-21 09:43:08 180224] Y'z Shadow.lnk - D:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe [2006-05-21 09:43:14 155648] [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusDisableNotify"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "D:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "D:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "D:\\Program Files\\Azureus\\Azureus.exe"= "D:\\Program Files\\eMule\\emule.exe"= "D:\\Program Files\\Java\\jre1.6.0_07\\bin\\javaw.exe"= "D:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "D:\\Documents and Settings\\All Users\\Application Data\\NexonUS\\NGM\\NGM.exe"= "F:\Jeux\Combat Arms\CombatArms.exe"= F:\Jeux\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe "F:\Jeux\Combat Arms\Engine.exe"= F:\Jeux\Combat Arms\Engine.exe:*Enabled:Engine.exe "D:\\WINDOWS\\system32\\mmc.exe"= "D:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite XII.SP2c\\RpcAgentSrv.exe"= "F:\\Jeux\\FS2004\\fs9.exe"= "D:\\WINDOWS\\system32\\dpnsvr.exe"= "D:\\WINDOWS\\system32\\PnkBstrA.exe"= "D:\\WINDOWS\\system32\\PnkBstrB.exe"= "F:\\Jeux\\R6Vegas2\\Binaries\\R6Vegas2_Game.exe"= "F:\\Jeux\\R6Vegas2\\Binaries\\R6Vegas2_Launcher.exe"= "F:\\Jeux\\Coh\\RelicCOH.exe"= 
"F:\\Jeux\\Mass Effect\\Binaries\\MassEffect.exe"= "F:\\Jeux\\Mass Effect\\MassEffectLauncher.exe"= "F:\\Jeux\\Graw 2\\Ghost Recon Advanced Warfighter 2\\graw2.exe"= "F:\\Jeux\\Graw 2\\Ghost Recon Advanced Warfighter 2\\graw2_dedicated.exe"= "D:\\Program Files\\ASUS\\AsusUpdate\\Update.exe"= "D:\\Program Files\\GameSpy Arcade\\Aphex.exe"= "D:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite XII.SP2c\\WNt500x86\\RpcSandraSrv.exe"= "F:\\Jeux\\Beijing 2008\\Beijing.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings] "AllowInboundEchoRequest"= 1 (0x1) R0 pavboot;pavboot;D:\WINDOWS\system32\drivers\pavboot.sys [2008-06-19 17:24] R1 aswSP;avast! Self Protection;D:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 16:35] R2 aswFsBlk;aswFsBlk;D:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 16:37] R2 SandraAgentSrv;SiSoftware Deployment Agent Service;D:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\RpcAgentSrv.exe [2008-04-22 18:23] R3 AmdTools;AMD Special Tools Driver;D:\WINDOWS\system32\DRIVERS\AmdTools.sys [2007-08-14 16:49] R3 SIS163u;SiS163 usb Wireless LAN Adapter Driver;D:\WINDOWS\system32\DRIVERS\sis163u.sys [2005-06-20 11:12] R3 SWUSBFLT;Pilote de filtre Microsoft SideWinder VIA;D:\WINDOWS\system32\DRIVERS\SWUSBFLT.sys [2001-08-17 23:02] *Newly Created Service* - CATCHME . . ------- Supplementary Scan ------- . 
R0 -: HKCU-Main,Start Page = hxxp://www.wanadoo.fr R1 -: HKCU-Internet Connection Wizard,ShellNext = iexplore O8 -: E&xporter vers Microsoft Excel - D:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O16 -: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://www.zebulon.fr/scan8/oscan8.cab D:\WINDOWS\Downloaded Program Files\oscan8.inf D:\WINDOWS\Downloaded Program Files\oscan81.ocx_x D:\WINDOWS\bdoscandellang.ini D:\WINDOWS\bdoscandel.exe D:\WINDOWS\Downloaded Program Files\live.ini D:\WINDOWS\Downloaded Program Files\scanoptions.tsi D:\WINDOWS\Downloaded Program Files\lang.ini D:\WINDOWS\Downloaded Program Files\ipsupd.dll D:\WINDOWS\Downloaded Program Files\bdupd.dll D:\WINDOWS\Downloaded Program Files\libfn.dll D:\WINDOWS\Downloaded Program Files\bdcore.dll D:\WINDOWS\Downloaded Program Files\oscan8.ocx ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-08-13 18:52:32 Windows 5.1.2600 Service Pack 3 NTFS Balayage processus cachÚs ... Balayage cachÚ autostart entries ... Balayage des fichiers cachÚs ... Scan terminÚ avec succÞs Les fichiers cachÚs: 0 ************************************************************************** . ------------------------ Other Running Processes ------------------------ . 
There you go, hoping this helps you...
  15. Good evening everyone, I need help now because the Bagle worm has just made its appearance in my machine's world. I no longer have an active antivirus (because of invalid win32), and despite numerous online scans, which all detected Bagle, I can't manage to eradicate it. I also downloaded ELIBAGLA and Combo fix, but apparently that doesn't work. They both detect Bagle and apparently delete it, but when the machine reboots it comes back. I should also mention that I have disabled System Restore. So right now I'm out of solutions unless you can help me. Thanks in advance.